Commit Graph

26856 Commits

Author SHA1 Message Date
Marcono1234 a7670fbcab Java: Enhance IncorrectSerializableMethods.ql 2021-10-11 02:05:53 +02:00
Marcono1234 12936ff5fe Java: Fix IncorrectSerializableMethods.ql using wrong readObject signature 2021-10-11 02:05:53 +02:00
Marcono1234 b009886664 Java: Add TypeObjectInputStream 2021-10-11 02:05:50 +02:00
Marcono1234 a74d423d82 Java: Improve AnnotationPresentCheck.ql 2021-10-11 01:03:46 +02:00
Rasmus Lerchedahl Petersen 64b1aeaecd Python: Shorten toString for module vars 2021-10-10 15:59:31 +02:00
Rasmus Lerchedahl Petersen 0aa632d149 Python: Move writing of module vars
into runtime jump steps.
2021-10-10 15:49:33 +02:00
yoff 9c9c5c09ff
Merge pull request #6837 from RasmusWL/more-unsafe-deserialization-sinks
Python: More unsafe deserialization sinks
2021-10-10 14:33:53 +02:00
yoff f6122c8a6c
Merge pull request #6734 from erik-krogh/regBehind
JS/PY: do not filter away regular expressions with lookbehinds
2021-10-10 13:54:26 +02:00
Henry Mercer 5b26d41d27 C++: Improve SARIF severity level reporting of extractor diagnostics 2021-10-08 17:53:55 +01:00
Rasmus Wriedt Larsen a50b193c40 Python: Model data-flow for `x or y` and `x and y` 2021-10-08 18:32:30 +02:00
Rasmus Wriedt Larsen 15476c2513 Python: Add data-flow tests for BoolExp
> 6.11. Boolean operations

> The expression x and y first evaluates x; if x is false, its value is
> returned; otherwise, y is evaluated and the resulting value is
> returned.

> The expression x or y first evaluates x; if x is true, its value is
> returned; otherwise, y is evaluated and the resulting value is
> returned.
2021-10-08 18:29:06 +02:00
Geoffrey White 79f13cae55
Merge pull request #6839 from geoffw0/toctoufp
CPP: Add test cases for cpp/toctou-race-condition
2021-10-08 16:15:00 +01:00
Rasmus Lerchedahl Petersen 705970cedd Python: Update tests to use correct tag 2021-10-08 16:57:36 +02:00
Cornelius Riemenschneider 84883d115d
Merge pull request #6813 from adityasharad/docs/database-create-bazel
CLI docs: Add example for creating a database using a Bazel build command
2021-10-08 16:56:10 +02:00
Rasmus Lerchedahl Petersen 8ba01abcd6 Merge branch 'python-dataflow/init-time' of github.com:yoff/codeql into python-dataflow/init-time 2021-10-08 16:53:08 +02:00
Anders Schack-Mulligen 2185a654de Java: Fix some performance issues. 2021-10-08 15:53:14 +02:00
Anders Schack-Mulligen 5d0e72755d
Merge pull request #6770 from aschackmull/java/stream-model
Java: Add models for java.util.stream.
2021-10-08 15:48:50 +02:00
Geoffrey White 1c56573194 C++: Add tests. 2021-10-08 14:30:27 +01:00
Geoffrey White dd95131630 C++: Test spacing. 2021-10-08 14:28:42 +01:00
Rasmus Lerchedahl Petersen 4807f50c00 Merge branch 'main' of github.com:github/codeql into python-dataflow/init-time 2021-10-08 14:55:01 +02:00
ihsinme 8c42545d1c
Update FindWrapperFunctions.qhelp 2021-10-08 13:10:36 +03:00
Rasmus Wriedt Larsen fd0c386a4c Python: Add change-note 2021-10-08 12:06:18 +02:00
Rasmus Wriedt Larsen 5e6f042f6e Python: Model `pickle.Unpickler` 2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen 75b06d8a25 Python: Model `dill.load` 2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen 4820be3b10 Python: Model keyword arguments to `dill.loads` 2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen 9180257afe Python: Refactor `Dill.qll`
So it matches the layout of all our other qll modules modeling a PyPI
package.
2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen f9333fc551 Python: Expand `dill` tests 2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen 42980a1ab4 Python: Model `shelve.open` 2021-10-08 11:55:54 +02:00
Tony Torralba 2df30dc107 Use InlineFlowTest for local and remote flow tests 2021-10-08 11:48:35 +02:00
Anders Schack-Mulligen 446c738f20
Merge pull request #6790 from aschackmull/dataflow/force-precision
Dataflow: Force high precision of certain Contents.
2021-10-08 11:44:26 +02:00
ihsinme d79596354e
Update cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
2021-10-08 11:50:45 +03:00
Tom Hvitved 951df380a9
Merge pull request #6829 from hvitved/csharp/gvn-to-string-concat-range
C#: Speedup GVN string `concat`s by pulling ranges into separate predicates
2021-10-08 10:02:31 +02:00
Anders Schack-Mulligen 06e59f3b17
Merge pull request #6832 from github/workflow/coverage/update
Update CSV framework coverage reports
2021-10-08 09:53:49 +02:00
Anders Schack-Mulligen 1bec58dee5 Dataflow: Fix more qldoc: s/accesspath/access path/. 2021-10-08 09:41:26 +02:00
github-actions[bot] 062250741a Add changed framework coverage reports 2021-10-08 00:08:55 +00:00
Rasmus Wriedt Larsen a81d359669 Python: Model `marshal.load` 2021-10-07 21:27:51 +02:00
Rasmus Wriedt Larsen 1b61296ea5 Python: Model `pickle.load` 2021-10-07 21:25:48 +02:00
Rasmus Wriedt Larsen 27c368a444 Python: Model keyword arguments to `pickle.loads` 2021-10-07 21:24:12 +02:00
Rasmus Wriedt Larsen 3592b09d56 Python: Expand stdlib decoding tests
The part about claiming there is decoding of the input to `shelve.open`
is sort of an odd one, since it's not the filename, but the contents of
the file that is decoded.

However, trying to only handle this problem through path injection is
not enough -- if a user is able to upload and access files through
`shelve.open` in a path injection safe manner, that still leads to code
execution.

So right now the best way we have of modeling this is to treat the
filename argument as being deserialized...
2021-10-07 21:11:51 +02:00
Rasmus Wriedt Larsen a31bf75169 Python: Refactor `pickle.loads()` modeling 2021-10-07 20:28:30 +02:00
Robert Marsh 2539e3247a
Merge pull request #6814 from MathiasVP/fix-qldoc-in-copy-instruction
C++/C#: Fix QLDoc of `CopyInstruction`
2021-10-07 11:18:38 -07:00
Aditya Sharad 2ed572095c
CLI docs: Address comments on Bazel example 2021-10-07 10:51:11 -07:00
yoff 933412eb8d
Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
2021-10-07 17:45:07 +02:00
Chris Smowton 9a80ab31c4
Merge pull request #6567 from luchua-bc/java/sensitive_android_file_leak
Java: CWE-200 - Query to detect exposure of sensitive information from android file intent
2021-10-07 15:19:39 +01:00
Chris Smowton 39640efc9b Remove no-longer-needed TaintPreservingCallables and update test expectations 2021-10-07 14:33:39 +01:00
Anders Schack-Mulligen 2b88a2aa0c Dataflow: Fix qldoc: s/accesspath/access path/. 2021-10-07 14:46:24 +02:00
Anders Schack-Mulligen f885751107 Java: Add change note. 2021-10-07 14:42:19 +02:00
Tom Hvitved 764a987b09 C#: Speedup GVN string `concat`s by pulling ranges into separate predicates 2021-10-07 13:51:05 +02:00
haby0 538bf7c321
Update python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql
Co-authored-by: yoff <lerchedahl@gmail.com>
2021-10-07 19:44:25 +08:00
Anders Schack-Mulligen fc69acee46 Java: Add test. 2021-10-07 13:28:02 +02:00